//$URL: http://dasding.googlecode.com/svn/trunk/api/src/main/java/de/piratech/dasding/api/rest/UserIdResource.java $
//$Id: UserIdResource.java 133 2013-04-19 20:55:09Z krieg.maria@gmail.com $
/*
 * Copyright 2012 Piratech.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package de.piratech.dasding.api.rest;

import de.piratech.dasding.data.User;
import de.piratech.dasding.data.database.DatabaseException;
import de.piratech.dasding.data.helper.PasswordHelper;
import de.piratech.dasding.security.annotations.RequireUserIdCheck;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

/**
 * Resource for all calls for a specific user.
 * <p>
 * Those include: <p>
 * GET: Loads the user-data<br>
 * PUT: Updates the user-date<br>
 * POST: -<br>
 * DELETE: Deletes the user<br>
 *
 * @author deveth0
 * @since 0.4
 */
@Path("/users/id/{userid}")
@Component
@RequireUserIdCheck
public class UserIdResource extends AbstractResource {

  private static final Logger LOG = LoggerFactory.getLogger(UserIdResource.class);

  /**
   * Returns a single user by id
   *
   * http://localhost:8080/dasding.api/api/users/1
   *
   * GET
   *
   * @param pUserId
   * @param pSecurityContext
   * @return
   */
  @GET
  @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
  public User getUser(
          @PathParam("userid") String pUserId,
          @Context SecurityContext pSecurityContext) {
    LOG.debug("getUser({})", pUserId);
    try {
      return getUserFromSecurityContext(pSecurityContext);
    } catch (Exception dbe) {
      throw getBadRequestException(dbe);
    }
  }

  /**
   * Updates the user with the given id
   *
   * http://localhost:8080/dasding.api/api/users/1
   *
   * PUT
   *
   * @param pUserId
   * @param pPassword
   * @param pMail
   * @param pPhone
   * @param pMobile
   * @param pSecurityContext
    *
   * @return
   */
  @PUT
  public Response updateUser(
          @PathParam("userid") String pUserId,
          @QueryParam("password") String pPassword,
          @QueryParam("phone") String pPhone,
          @QueryParam("mobile") String pMobile,
          @QueryParam("mail") String pMail,
          @Context SecurityContext pSecurityContext) {
    LOG.debug("updateUser(id={}, phone={}, mobile={}, mail={})", pUserId, pPhone, pMobile, pMail);
    try {
      User user = getUserFromSecurityContext(pSecurityContext);
      if (StringUtils.isNotBlank(pPassword)) {
        user.setPassword(PasswordHelper.getCryptedPassword(pPassword, user.getName()));
      }
      if (StringUtils.isNotBlank(pPhone)) {
        user.setPhone(pPhone);
      }
      if (StringUtils.isNotBlank(pMobile)) {
        user.setMobile(pMobile);
      }
      if (StringUtils.isNotBlank(pMail)) {
        user.setMail(pMail);
      }
      if (!user.isValid()) {
        return getBadRequestResponse();
      }
      getUserData().updateUser(user);
      return getNoContentResponse();
    } catch (DatabaseException dbe) {
      return getBadRequestResponse(dbe);
    }
  }

  /**
   * Deletes the given user
   *
   * http://localhost:8080/dasding.api/api/users/1
   *
   * DELETE
   *
   * @param pUserId
   * @param pSecurityContext
   *
   * @return Response
   *
   */
  @DELETE
  public Response deleteUser(@PathParam("userid") String pUserId, @Context SecurityContext pSecurityContext) {
    LOG.debug("deleteUser({})", pUserId);
    try {
      getUserData().deleteUser(getUserFromSecurityContext(pSecurityContext));
      return getNoContentResponse();
    } catch (DatabaseException dbe) {
      return getBadRequestResponse(dbe);
    }
  }

  @Override
  protected Logger getLogger() {
    return LOG;
  }
}
